YouTube home National Registration Day


RSA 2010: Start thinking about security beyond just compliance





The interactive transcript could not be loaded.



Rating is available when the video has been rented.
This feature is not available right now. Please try again later.
Uploaded on Mar 2, 2010

David Spark here reporting for Tripwire at the 2010 RSA Conference in San Francisco.

After the industry analysts' roundtable at the RSA Conference 2010 I spoke with Jonathan Penn of Forrester. Penn covers all areas of security from the vendor side, but the area we focused on was the issue of compliance.

Compliance distracts people from doing their business better. For most organizations, it's just a check box. And as we've heard over and over again, compliance does not equal security.

In fact, many organizations wouldn't do data security if it wasn't a requirement. That's why we have compliance requirements and because it's "required" projects within an organization only get funding if they're connected to some regulation.

See my related article "Security industry analysts roundtable" and my interview with Christian Christiansen "Stop obsessing over compliance and start obsessing over audits."

Check out more of Tripwire's coverage from the 2010 RSA Conference in San Francisco.


When autoplay is enabled, a suggested video will automatically play next.

Up next

to add this to Watch Later

Add to

Loading playlists...